Windows 2000 Server: Configure Active Directory

When installing Windows 2000 Server, it is configured to work as “Standalone Server”.When making the first logon , you will be presented with “Windows 2000 Configure Your Server”:You can continue the configuration at this time, but you can also select to close this windowsand to configure other items on the system or to install some other software, because this windowwill be shown on each new logon until you have made the configuration and selected that thiswindows will NOT be displayed anymore.

You can display thiswindow at any time byselecting in the menu“Configure Your Server“,which is part of the“Administrative Tools“

There are multiple possibilities to configure a server for “Active Directory”, depending on whether you have a small network with just one server or a larger network with multiple server oreven a WAN with server in multiple countries.In this installation example below, I assume that this is the only Windows 2000 server on thenetwork.

If you have no special needs for the configuration, then you can simply follow the instructionsof this wizard to configure your system:– select “This is the only server in my network“– continue with “Next”:This selection would “automatically configure” the server with all required components:– the Active Directory– a DHCP-server– a DNS-server (which is required for the Active Direcory)Before allowing this wizard to reconfigure completely my system, I requested to“Show more details”:The wizard would define for me the IP-address for the server and the subnet for my complete network , which I did not like: I needed to use a different IP-address.I decided therefore to cancel this step and to follow the advise to go back to “Home“to select the other option : “One or more servers are already running in my network” :No more fully automated installation by a wizard:We need now to select manually the services to be installed from the menu on the left.Lets select “Active Directory“:

You have the possibility toread more about the detailsof domain controller andon how to define multipledomain-controllers in a network.( since this example assumes onlyONE Windows 2000 server on thenetwork, I will not discuss here theterms “Tree” and “Forest”)Important:the installation of the Active Directiryrequires that at least ONE partitionon the harddisk is formated with NTFS.If you do not yet have such a partition, you can cancel here theinstallation of the Active Directory,prepare a partition in NTFS andthen restart this configuration.It is up to you to decide, whichpartition to use with NTFS.I personally prefer to keep theC-drive (“system drive“) inFAT format, so I formatted in thisexample the F-drive in NTFS .Continue the installation with“Start the Active Direcory Wizard“

just “Next“

We are installing thefirst Domain Controller

Again, we are installing afirst domain controller andfor this domain, we need tocreate a new domain tree.Example: I will call below mydomain “JHHOME.COM“.If I would now create asecond domain called:“SUPPORT.JHHOME.COM“,it would be part of the samedomain tree as JHHOME.COM

Like in nature, trees usually grow in a forest , and using thiscomparison, we need to define the forest for our domain tree.In general, each new top-level domain name(like: JHHOME.COM)would be a new forest.Since this is our first domain,we need to create a new “forest“for our “Domain Tree” (which is then the only tree in our forest).Here is a difference compared tonature: one tree is just one tree andnot a forest, but with computers, it isjust a matter of definition)

It is now required to definethe name of the new domain.As I was used with Windows9xand Windows NT4 networking,I selected the name of theworkgroup to become the newname of my domain.However, note already theexact message:“Full DNS name for new domain“.As you are used to see withInternet Domain names, anetwork Domain should havenow a second part separatedby a dot.

To avoid problems, I amredefining my domain nameto be now: “JHHOME.COM”,which looks like an InternetDomain name.(I am not sure, but if you insist onusing no “dot-something”, Windows 2000 will add itself “.DOM” )It does NOT matter, whetherthis name is registered and inuse already on the Internet,because you will be using itonly on your own network,and as long as you are notregistering this domain nameas Internet Domain name, itwill NOT be known by theInternet users.

While a network with ONLYWindows2000 systems can work using only DNS, anynetwork with “legacy” versions of Windows (WfW, Windows95/98/ME,Windows NT4) requires theuse of “NetBIOS“, eitherusing “NetBEUI” -protocol orusing “NetBIOS over TCP/IP“,for which I need to define aNetBIOS compatible Domainname.Here I can use now the nameof the workgroup, which Ilike to change to a domain.

You need to define the locationfor the database and Log-filefor the Active Directory.(on my system, I did not havethe 200 Mbyte free disk capacityon my C:- system drive, so I wasrequired = forced by the installion wizard to store this informationto a different drive )

Remember the window with the information on theActive Direcory stating theneed to a partition in NTFS ?At this time, the “SYSVOL“folder must be defined onan NTFS Disk-partition.The SYSVOL folder will belater visible as part of the“Network Neighborhood“or “My Network Places“and will contain user specificfile, and to be able to controlthe access to these files, thatpartition must be NTFS(since it is not possible to use a FAT -partition to define Access rights)

Active Directory is based onusing a DNS-server.Since I did not yet install /configure a DNS-server,it is now required to install it.Unless you are an expert onDNS-server setup, pleasefollow the recommondationof the wizard to let thewizard install now theDNS-server.

Again the question:will you have a network withsome “legacy” systems(= all pre-Windows 20000,like Windows95/98/ME/NT4)

Let’s hope, that we will never have to use this passwordfor a Restore operation……

The summary of all theinformation collected in theprevious steps.Selecting now “Next“will start the installationof the Active Direcory andof the DNS-server.

You may have to be patient nowfor a LONG time :Please, just WAIT !

It will need to install DNS

You may have to insert your Windows2000 CD-ROM or pointthe wizard to the installation fileson the disk (if you copied them fromCD-ROM to an I386 folder, as it isoften done on NT-installations)

Finished ! You need to restart !After making the Logon, you will be shown again the window for “Configure Your Server”:the information has changed, since you did already make the basic configuration.You can now select to NOT “Show this screen at startup“.You are now able to define Active Directory Users.If you need to change your configuration and make the system again a Stand-alone server,you can un-install Active Directory.

Featured Product

Latest Podcast

Featured Freeware

Recommended

Follow Us

Windows 2000 Server: Configure Active Directory

TECHGENIX

TechGenix reaches millions of IT Professionals every month, and has set the standard for providing free technical content through its growing family of websites, empowering them with the answers and tools that are needed to set up, configure, maintain and enhance their networks.